September 2013 - Page 3 of 3 - The Privacy Post

After months of obfuscation and deliberate lies, the National Security Agency has finally admitted to overreach. For anyone following the Edward Snowden leaks of the NSA’s PRISM program, the government’s official response to the controversy has been far from satisfactory. But with this partial admission of wrongdoing, the first steps towards governmental transparency may be within reach. Everyday Internet users and privacy advocates can support bipartisan efforts to stave off the NSA’s massive breach of powers while keeping their data safe in the meantime through secure cloud storage services.

NSA Overreach

In late August, the NSA contradicted previous denials of their now notorious data collection program by claiming, “Over the past decade, very rare instances of willful violations of NSA’s authorities have been found, but none under FISA or the Patriot Act.” This partial admission of systemic violations goes to show just how far the organization has to go before satisfying the justified paranoia of average users online. According to the Electronic Frontier Foundation’s Nate Cardozo, this admission is only a tiny move in the right direction. The privacy advocate and attorney said, “On August 9, the president stated categorically that the NSA’s authorities are ‘not being abused. On August, 15, we learned that in fact the NSA broke its own privacy rules thousands of times a year. On August 16, the Chair of the Senate Select Committee on Intelligence qualified the president’s earlier claim and stated that the NSA had never ‘intentionally’ abused its authority. Today’s report indicates that neither the president nor Senator Feinstein has been forthright with the American public. Not only is the NSA abusing its authority, but some of that abuse is intentional.”

How the PRISM Program Might Work

Who are we to believe when it comes to understanding how far the government has gone in breaching our privacy rights for the sake of national security? Users can’t trust officials who deliberately lie only to reveal only as much as is necessary when it’s deemed pragmatic. According to NSA Director Keith Alexander, “We get all these allegations of what [the NSA] could be doing, but when people check what the NSA is doing, they’ve found zero times that’s happened. And that’s no bullshit. Those are the facts.”

Unfortunately, the public still hasn’t been given the facts and there is no public oversight of the PRISM program as it stands. Senator Dianne Feinstein (D – Cali.) is the chairman of the Senate intelligence panel and voiced her concerns over the NSA’s recent admissions. “I am reviewing each of these incidents in detail,” said Feinstein. The senator asserted that “Any case of noncompliance is unacceptable, but these small numbers of cases do not change my view that NSA takes significant care to prevent any abuses and that there is a substantial oversight system in place.” Despite these attempts at calming the public, there has been no broad effort to set appropriate transparency and privacy measures.

This legal mess has prompted privacy advocates to rally around a call for universal security and privacy standards. According to the American Civil Liberties Union’s deputy legal director, Jameel Jaffer, “There’s a pattern of the administration making misleading statements about its surveillance activities. The government tells us one thing, and another thing is true.” This deep lack of trust in governmental monitoring will only deepen as long as transparency measures aren’t set in place. The public deserves to know exactly when, how, and why their data is being monitored. House Intelligence Committee members like Chairman Mike Rogers back the NSA’s story, so it’s unclear who is trustworthy and to what degree the NSA is being honest with the American people, especially provided its recent history of deliberate lies. Still, Representative Mike Rogers (R – Mich.) claims that “The disclosed documents demonstrate that there was no intentional and willful violation of the law and that the NSA is not collecting the email and telephone traffic of all Americans.” It’s up to every user to decide whether or not to trust such assertions, but in the meantime, backing up sensitive data to a secure cloud that offers data privacy and user anonymity is essential in this age of uncertainty.

Protecting Your Privacy in the Meantime

For most users, finding a truly protected third party cloud service can be a challenge as many “secure” services on the market have security gaps that leave data wide open to third party attacks, leaks, or hacking. One cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides colleges with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak Blue is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users and small businesses of all sorts and sizes can tailor the service to fit their needs.

SpiderOak protects sensitive user data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, people can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and mobile access.